US senators get digging to find out the truth about FCC DDoS attack

And why serial self-promoter John McAfee is a security expert on Russian hacking

Senate Democrats are pressing government officials to explain their claims on election tampering and cyberattacks.

Senator Ron Wyden (D-OR) is heading up a pair of efforts to look into the FCC's claim that its comment system was hit by a DDoS attack in 2014 and 2017, and to examine whether the US Election Assistance Commission (EAC) is properly handling its oversight of anti-hacking protections ahead of the mid-term ballots.

From the FCC, Wyden and fellow Senator Brian Schatz (D-HI) want Chairman Ajit Pai to provide more details about the 2017 comment system outage the commission claimed was the result of a DDoS attack.

Critics have suggested that there was no DDoS attack, and the claim is an effort by Pai's FCC faction to downplay the overwhelming public outcry the FCC received over the chairman's plans to eliminate net neutrality protections.

So, FCC, how about that massive DDoS? Hello? Hello...? You still there?

With those provisions having been formally stricken earlier this week, Wyden and Schatz say they want to get to the bottom of things once and for all. The duo is asking Pai to revisit his initial response to the issue and provide reports (if there are any) from third-party investigators that would support the DDoS claim.

"We request that you update, revise, and/or reaffirm in their entirety the responses that you previously provided," the letter to Pai (PDF) reads.

"In addition, clarify whether you continue to classify the May 7-8, 2017, event as a DDoS attack and the basis for your classification."

An 'informed' source

Meanwhile, Wyden is also pressing the EAC to explain some of its own spurious reasoning in regards to its anti-tampering efforts for elections.

The Oregon Senator this week sent a letter to Election Assistance Commissioners Thomas Hicks and Christy McCormick seeking more details on what they are doing to make sure hackers in Russia and other foreign groups are unable to hack US voting systems.

In particular, a skeptical Wyden wants to know what "experts" the FEC has enlisted to help them manage their security infrastructure.

"In a public letter on January 7, 2017, Commissioner McCormick dismissed the intelligence community's assessment that Russia engaged in election interference in 2016. In support of this claim, Commissioner McCormick cited statements made by John McAfee during a TV appearance on Russia Today on January 6, 2017," Wyden points out (PDF).

"In her letter, Commissioner McCormick described Mr. McAfee as a 'cyber security expert.' Please identify all of the other cybersecurity experts the EAC has relied upon for advice since January 2016."

In a related effort, Wyden is one of six senators sponsoring a voting security bill dubbed the "Protecting American Votes and Elections Act."

The bill (PDF) would require all state and local governments to a adopt a set of basic security measures and maintain paper trails to help track ballots and guard against tampering on electronic voting machines.

"Any failure to secure our elections amounts to disenfranchising American voters," Wyden said of the bill.

"For Americans to have confidence that their votes count, and that election results are free and fair, there absolutely have to be paper ballots and mandatory audits for each and every federal election." ®